SAP’s strategy to position the SAP Business Technology Platform (BTP) at the heart of SAP’s product strategy as a unified and business-centric open platform will help enable organizations to become intelligent and sustainable enterprises.
Developer Velocity Index (DVI) — How software excellence fuels business performance:
A 2020 McKinsey survey of 440 senior executives at large enterprises points to a clear impact of open-source adoption. The data showed that top-quartile company adoption of open source had three times the impact on innovation as compared with companies in other quartiles. So, SAP is onto something with BTP with a push for an open platform. In addition, SAP’s Clean Core initiative which helps in the transformation journey to S/4HANA for organizations running legacy ERP systems today, the key enabler in this endeavor is BTP.
As the IT landscape becomes more and more complex, the topic of access and cybersecurity becomes even more important. Thus, having a clear identity and access management strategy is crucial to managing your employees, customers, and partners. The overall goal should be to optimize digital identities across your enterprise and encompass on-premise as well as cloud landscapes. Key points to enforce while exploring Identity and Access Governance -
Reduce cost while improving security with automation
Manage access – role & attribute-based controls
Eliminate excessive logins to various applications via Single Sign-on (SSO)
Implement Segregation of Duties (SoD) controls and quantify the impact of risk violations
Automate logging and monitoring of access risks
The next question would be which tools can be utilized to enable a holistic approach to user access security. For on-premise applications, SAP’s GRC Access Controls (GRC AC) can be utilized, tightly coupled with SAP’s Cloud Identity and Access Governance (IAG) for cloud-sourced applications and systems. This approach will ensure the security:
is not fragmented across multiple landscapes.
allows for digital identities to be reviewed from a single dashboard viewpoint.
doesn’t require multiple logins as SSO can be utilized across the landscape.
user roles and types can be holistically managed and reported upon.
is automated, and auditable, thus reducing external 3rd party audit costs.
SAP IAG running on SAP BTP does not replace GRC AC, but it offers similar capabilities to a broader environment — a hybrid cloud, with overlapping functions. Additionally, SAP IAG can connect to both cloud and on-premises through SAP Cloud Connector. The cloud connector establishes connectivity between SAP BTP and the target systems. The user interface (UI) for SAP IAG and GRC AC is SAP Fiori, although GRC AC also comes with NetWeaver Business Client (NWBC), which most of the SAP admins favor. The user experience is similar in both SAP IAG and SAP GRC AC tools when using SAP Fiori.
In today’s world, you cannot escape a conversation without the mention of ChatGPT, Machine Learning (ML), and Artificial Intelligence (AI). The same goes for the SAP landscape, where ML and AI can be used to automatically create business roles aligned to organizational functions. This will allow to reduce the complexity of the role design process; reduce the number of roles necessary to manage access; and provide for a greater degree of accuracy for users and role assignments.
In addition, ML and AI can also be utilized to refine anomaly detection methods such as statistical methods, one-time behavior, and potential malicious sites. In the ‘Secure from the Start’ blog, we discussed SAP’s Enterprise Threat Detection and Onapsis Security Platform as the two leading tools to address the cyber threats in the SAP landscape.
Identity and Access Governance security and compliance don’t have to be complicated. Kyyte is here to simplify your SAP transformation journey with a pragmatic approach, whether it is greenfield, bluefield, or brownfield. Contact us at info@kyyte.io.
Comments